Many organisations have come to rely on firewalls as a keystone of their network defences, so it is important to ensure that they are fit for purpose and delivering optimum performance. Context has developed a methodology for firewall rule-base reviews designed to identify security vulnerabilities, such as failures to follow best practice or instances of incorrect firewall configuration.
The review is most effective if Context is equipped with detailed knowledge of the firewall and network infrastructure, including details of network traffic flow and information concerning the location, nature and intended function of hosts or objects defined within the firewall rule base.
Typical vulnerability types discovered during firewall architecture reviews include:
- Overly permissive rules that allow excessive access between hosts over various protocols
- Inadequate or no logging
- Insecure access points
- Insecure encryption methods
The scope of each review can be adjusted to suit individual circumstances. We can conduct detailed and comprehensive reviews of firewall coverage for an entire network – or focus instead on the protection of a specific host or subnet.